Denial of Service Vulnerability in vcpu_scan_ioapic Function

Denial of Service Vulnerability in vcpu_scan_ioapic Function

CVE-2018-19407 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.